Add bounds check on allocation size #846

Merged
merged 2 commits into from May 14, 2019


kevinbackhouse
Collaborator

Fixes #845.

The main issue is the unchecked value of length at pngchunk_int.cpp:669. But I have also fixed some minor issues where *sp was read before the check that sp < eot.
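
The two fixes described in the comment above, as an added example that is not code from this pull request or from Exiv2: each read of `*sp` is guarded by `sp < eot`, and the parsed length is capped by the bytes that remain before it sizes an allocation. The name `readLengthPrefixed` and the `<length>\n<payload>` layout are assumptions for illustration; `sp` and `eot` follow the names used in the description.

```cpp
#include <cstddef>
#include <cstdio>
#include <stdexcept>
#include <vector>

// Hypothetical helper, not Exiv2 code. Assumed layout of [sp, eot):
// optional spaces/newlines, decimal length, '\n', then the payload bytes.
std::vector<unsigned char> readLengthPrefixed(const char* sp, const char* eot)
{
    // The bounds test is the left operand of &&, so *sp is never read at eot.
    while (sp < eot && (*sp == ' ' || *sp == '\n'))
        ++sp;

    // Digits are accumulated by hand: atol() needs a NUL terminator that a
    // [sp, eot) slice does not guarantee, and it cannot report overflow.
    const char* const digits = sp;
    const std::size_t limit = static_cast<std::size_t>(eot - sp);
    std::size_t length = 0;
    while (sp < eot && *sp >= '0' && *sp <= '9') {
        // A length above the buffer size can never be valid; rejecting it
        // before the multiply also rules out integer wrap-around.
        if (length > limit / 10)
            throw std::runtime_error("corrupted metadata: length too large");
        length = length * 10 + static_cast<std::size_t>(*sp - '0');
        ++sp;
    }
    if (sp == digits)
        throw std::runtime_error("corrupted metadata: missing length");
    if (sp == eot || *sp != '\n')
        throw std::runtime_error("corrupted metadata: unterminated length");
    ++sp;

    // Upper bound on the allocation: no more than the bytes actually present.
    if (length > static_cast<std::size_t>(eot - sp))
        throw std::runtime_error("corrupted metadata: length exceeds data");
    return std::vector<unsigned char>(sp, sp + length);
}

int main()
{
    const char good[] = " 3\nabcXYZ";    // constructed sample input
    const char bad[] = "4000000000\nab"; // constructed: claims ~4 GB, has 2 bytes
    std::printf("%zu\n", readLengthPrefixed(good, good + sizeof(good) - 1).size());
    try {
        readLengthPrefixed(bad, bad + sizeof(bad) - 1);
    } catch (const std::runtime_error& e) {
        std::printf("rejected: %s\n", e.what());
    }
}
```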

codecov bot commented May 13, 2019

Codecov Report

Merging #846 into 0.27-maintenance will increase coverage by <.01%.
The diff coverage is 75%.

@@                 Coverage Diff                  @@
##           0.27-maintenance     #846      +/-   ##
====================================================
+ Coverage             62.71%   62.71%   +<.01%     
====================================================
  Files                   156      156              
  Lines                 21558    21567       +9     
====================================================
+ Hits                  13520    13526       +6     
- Misses                 8038     8041       +3

| Impacted Files | Coverage Δ |
|---|---|
| src/pngchunk_int.cpp | 87.9% <75%> (-0.71%) ⬇️ |

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c0ecc2a...bcaca80. Read the comment docs.


long length = (long) atol(startOfLength);
enforce(length >= 0, Exiv2::kerCorruptedMetadata);
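
Review bot: In the first line shown, `atol` cannot signal failure: non-numeric input yields 0, and a digit string too large for `long` is undefined behaviour, so the `length >= 0` test on the next line may be applied to a meaningless value. Consider `strtol` with an end pointer and an `errno` check instead. Only the lower bound is visible in these two lines; given the PR title, `length` also needs an upper bound against the bytes remaining in the chunk before it sizes an allocation, ideally in the same `enforce` call.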
Collaborator

Could we merge these 2 conditions into a single call to enforce? I am fine if you prefer to leave it as it is.

Collaborator Author

done

piponazo previously approved these changes May 13, 2019
Collaborator

@piponazo piponazo left a comment

LGTM! Thanks!

@mergify mergify bot dismissed piponazo’s stale review May 14, 2019 08:59

Pull request has been modified.

@piponazo piponazo merged commit 43f154f into Exiv2:0.27-maintenance May 14, 2019
@clanmills clanmills added this to the v0.27.2 milestone May 19, 2019
@kevinbackhouse kevinbackhouse deleted the afl_bugfixes_pngchunk branch September 18, 2021 12:50